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- The MAILING DATE of this communication appears on the cover sheet with the correspondence address - 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- ff NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1)13 Responsive to communication(s) filed on 22 July 2005 . 
2a)D This action is FINAL. 2b)S This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) IEI Claim(s) 1-16 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) M Claim(s) is/are rejected. 

7) Q Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) M The specification is objected to by the Examiner. 

10) K The drawing(s) filed on 16 November 2001 is/are: a)l3 accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

1 1) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12) D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 
a)D All b)D Some * c)D None of: 

1 .□ Certified copies of the priority documents have been received. 

2.D Certified copies of the priority documents have been received in Application No. . 



3.Q Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 

1. Claims 1-16 have been examined. 

Specification 

2. The disclosure is objected to because of the following informalities: "export 
statement list portion 758" (Specification, page 49, lines 2 and 4). The reference 
number for the export statement list should be "458" (figure 12). 

Appropriate correction is required. 

Claim Rejections - 35 USC § 101 

3. 35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 

4. Claims 1-16 are rejected under 35 U.S.C. 101 because the claimed invention is 
directed to non-statutory subject matter. Claims 1-16 are not limited to tangible 
embodiments. In view of applicant's disclosure, specification page 64, line 16 - page 
65, line 13, the computer readable medium is not limited to tangible embodiments, 
instead being defined as including both tangible embodiments (e.g., RAM, ROM, CD- 
ROM) and intangible embodiments (e.g., transmission medium such as a 
communications network). As such, the claim is not limited to statutory subject matter 
and is therefore non-statutory. 
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5. Claims 1-16 are rejected under 35 U.S.C. 101 because the claimed invention is 
directed to non-statutory subject matter. The claimed data structure contains only data 
that does not provide functionality. Since there is no functional descriptive language 
recited in the claims, the data structure is considered "nonfunctional descriptive 
material" and, therefore, the claims are nonstatutory. 

Claim Rejections - 35 USC § 102 

6. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

7. Claims 1, 3, 5, 7, 12 and 14 are rejected under 35 U.S.C. 102(b) as being 
anticipated by Fischer (5,412,717). 

Fischer discloses a program authorization information (PAI) data structure used 
to verify that an application is a trusted application (i.e., comes from a trusted source 
and has not been tampered with) allowed to execute on a computer system (Abstract; 
col. 2, lines 56-64). 

Regarding claims 1 and 5, Fischer discloses that the PAI comprises a unique 
identifier of the trusted application (fig. 1, element 28), a certificate that certifies the 
public key corresponding to the private key used to sign the binary of the application 
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allowed to execute (fig. 1, element 48), and a digital signature generated using the 
unique identifier and the certificate (fig. 1, element 40). 

Regarding claim 3, Fischer further discloses that the certificate comprises a 
signed hash value of the certificate itself (col. 2, line 65 - col. 3, line 1). 

Regarding claim 7, Fischer further discloses that the certificate comprises the 
public key corresponding to the private key for signing the binary (fig. 1 , element 48). 

Regarding claim 12, Fischer further discloses data representing a set or 
properties corresponding to the PAI (fig. 1, element 34). 

Regarding claim 14, Fischer further discloses that the set of properties include 
whether the trusted application can invoke another application and thus allowing an 
additional binary to be added to the process space after the trusted application begins 
executing (col. 11, line 65 -col. 12, line 9). 

Claim Rejections - 35 USC § 103 

8. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, rf the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

9. Claim 2 is rejected under 35 U.S.C. 103(a) as being unpatentable over Fischer 
(717) as applied to claim 1 above, and further in view of Fischer (5,390,247). Fischer 
(717) discloses a public key of a public-private key pair of the party that generates the 
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PAI and the identifier of the party that generates the PAI (fig. 1, elements 40 and 48). 
Fischer (717) does not disclose a version number of the PAI. Fischer ('247) discloses 
an API having a version number (fig. 2, element 20; col. 7, lines 30-38). It would have 
been obvious to one of ordinary skill in the art at the time the invention was made to 
modify the Fischer (717) PAI such that it includes a version number, as taught by 
Fischer ('247), in order to identify the version of the interpreter that can process the PAI. 

10. Claims 4, 6, 8 and 13 is rejected under 35 U.S.C. 103(a) as being unpatentable 
over Fischer as applied to claims 3, 5, 7 and 12 above, and further in view of Atkinson 
et al (5,892,904). 

Regarding claim 4, 6 and 8, Fischer does not disclose that the PAI includes a 
certificate revocation list. Atkinson discloses a data structure used to validate an 
application and that the data structure includes certificate revocation lists (col. 20, lines 
25-35). It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to modify the Fischer (717) PAI to includes a certificate revocation 
list, as taught by Atkinson, so that revoked certificates could be identified. Accordingly, 
a revoked certificate cannot be used to verify the signed binary. 

Regarding claim 13, Fischer does not disclose debug information. Atkinson 
discloses a data structure used to validate an application, the data structure comprising 
debug information (Abstract; col. 17, lines 42-50). It would have been obvious to one of 
ordinary skill in the art at the time the invention was made to modify the Fischer (717) 
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PAI such that it includes debug information, as taught by Atkinson. Debug information 
is advisory to debuggers. 

1 1 . Claim 9 is rejected under 35 U.S.C. 103(a) as being unpatentable over Fischer 
as applied to claim 1 above, and further in view of Arnold (6,175,924). Fischer does not 
disclose that the PAI includes an export statement that allows a secret associated with 
the application to be exported to another application. Arnold discloses a data structure 
used to validate an application and that the data structure including an export statement 
that allows protected data associated with the application to be exported to another 
application (figures 3-4; col. 6, lines 19-56), the protected data meets the limitation of a 
secret. It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to modify the Fischer PAI such that it includes an export statement 
that allows a secret associated with the application to be exported to another 
application, as taught by Arnold, so that protected data associated with one application 
could be accessed by other applications of the same family. 

12. Claims 15-16 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Fischer (717) as applied to claims 1 and 12 above, and further in view of Fischer 
(6,105,072). 

Regarding claim 15, Fischer (717) does not disclose a property allowing implicit 
upgrade to a higher version number. Fischer ('072) discloses a property allowing 
implicit upgrading a data structure used to validate an application to a higher version 



Application/Control Number: 09/993,370 Page 7 

Art Unit: 2132 

number (fig. 1 1 B; col. 5, lines 38-43; col. 31, lines 38-47). It would have been obvious 
to one of ordinary skill in the art at the time the invention was made to modify the 
Fischer (717) PAI such that it includes a property allowing implicit upgrade to a higher 
version number, as taught by Fischer ('072). The motivation for doing so would have 
been to allow upward compatibility without sacrificing integrity. 

Regarding claim 16, Fischer (717) does not disclose a list of entry points into the 
executing trusted application. Fischer ('072) discloses a list of methods and their 
starting object code offset (fig. 5, element 56; fig. 1 1A, element 135) which meets the 
limitation of a list of entry points into the executing trusted application. It would have 
been obvious to one of ordinary skill in the art at the time the invention was made to 
modify the Fischer (717) PAI such that it includes a list of methods and their associated 
object code offsets, as taught by Fischer ('072), so that the start of the object code of 
the methods could be identified. 

Allowable Subject Matter 

1 3. Subject to the 1 01 rejection, claims 1 0 would be allowable over the prior art if 
rewritten in independent form including all of the limitations of the base claim and any 
intervening claims. 

1 4. The following is a statement of reasons for the indication of allowable subject 
matter. The present invention is directed to a stored manifest used to determine if an 
application is allowed to execute on a computer system, the manifest includes one or 
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more export statements that allows a secret associated with the application to be 
exported to another application. More specifically, dependent claim 10 identifies the 
uniquely distinct feature: each export statement comprises an identifier of the manifest, 
an identifier of the manifest that corresponds to the trusted application to which the 
secret to be exported to, and a digital signature over both identifiers. The closest prior 
art, Arnold (6,175,924), also discloses an application certificate that include an export 
statement allowing protected data associated with one application to be exported to 
other applications of the same family. However, Arnold does not teach that the export 
statement comprises an identifier of the manifest, an identifier of the manifest that 
corresponds to the trusted application to which the secret to be exported to, and a 
digital signature over both identifiers. The prior art, taken either singly or in 
combination, fails to anticipate or fairly suggest the limitations of applicant's 
independent claim, in such a manner that a rejection under 35 U.S.C 102 or 103 would 
be proper. The claimed invention is therefore considered to be in condition for 
allowance as being novel and nonobvious over prior art. 

Conclusion 

15. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

U.S. Patent No. 5,978,484 to Apperson et ai. 

U.S. Patent No. 6,154,844 to Touboul et al. 

U.S. Patent No. 6,253,323 to Cox et al. 
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U.S. Patent No. 6,463,535 to Drews 
U.S. Patent No. 6,629,150 to Huded 
U.S. Patent No. 6,766,353 to Lin et al. 
U.S. Patent No. 6,910,128 to Skibbieetal. 
U.S. Patent No. 6,915,433 to Barber 

U.S. Patent Application Publication No. 2003/0056102 to Aho et al. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Minh Dinh whose telephone number is 571-272-3802. 
The examiner can normally be reached on Mon-Fri: 10:00am-6 :30pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron can be reached on 571-272-3799. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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